Simple Verification

Community Auth’s verification methods check if a user is logged in, but the user won’t get redirected to a login form if they are not logged in. This is the main difference between the methods below and Enforcing Authentication.

Check if User Logged In

Most of the time, if you have a page that does not require login, but want to show a logout link or other information specific to a logged in user, you will use the following in the appropriate method of your controller:

$this->is_logged_in();

Calling is_logged_in() loads the authentication variables. Please note: the authentication variables will be set when enforcing authentication. You don’t need to call is_logged_in() if you are already using require_role(), require_min_level(), etc.

Also note: If you have set “cookie_secure” to TRUE in config/config.php, is_logged_in() will never return anything on a standard HTTP page. You can still see if somebody is logged in by checking if certain variables or config items are set.

Verify a Minimum Auth Level

The is_logged_in() method from above is actually an alias for Auth_Controller->verify_min_level(0). If instead of checking if anyone is logged in you instead want to check if a user with a auth level greater than or equal to 6 is logged in, then you do this:

if( $this->verify_min_level(6) )
{
// User with level 6 or greater can see this ...
}

The important thing to note here is that verify_min_level is not going to redirect a person to the login form if they are not logged in. We are simply checking to see if they are. Also, if the user is not level 6 or greater, they are logged out!

Verify a Role

If you want to verify that a specific user role is logged in:

if( $this->verify_role('admin') )
{
// Admin can see this ...
}

You could also check for more than one role:

if( $this->verify_role('admin,manager') )
{
// Admin or manager can see this ...
}

Notice that “admin,manager” is just a comma delimited string (not an array).

Verify a Role After Simple Verification

After you have done a simple verification using one of the methods above, you may have a case where you don’t know the role, if for instance you verified admin and managers. We can find the true role of the logged in user as follows:

if( $this->verify_role('admin,manager') )
{
// Admin or manager can see this ...
if( $this->is_role('admin') )
{
// Only admin can see this ...
}
}